GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
IEEE

PAEWS: Public-Key Authenticated Encryption With Wildcard Search Over Outsourced Encrypted Data

Abstract: Public-key Encryption with Keyword Search (PEKS) is a promising cryptographic mechanism that enables a semi-trusted cloud server to perform (on-demand) keyword searches over encrypted data ...
Infosecurity-magazine.com

Fraud Investigation Reveals Sophisticated Python Malware

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools.
Reuters

'Moltbook' social media site for AI agents had big security hole, cyber firm Wiz says

WASHINGTON, Feb 2 (Reuters) - A buzzy new social network where artificial intelligence-powered bots appear to swap code and gossip about their human owners had a major flaw that exposed private data ...
vg247

Quantic Dream addresses toxicity, tech bugs and tutorials for Spellcasters Chronicles closed beta 2 - here's how to get a key

Quantic Dream has opened up its upcoming fantasy MOBA for a second closed beta weekend starting from today, January 29, until 9AM UTC on Monday February 2. The closed beta is for PC only in Europe, ...
Redmond Pie

Microsoft’s Bitlocker Encryption Keys Given To The FBI Set A Worrying Precedent

Microsoft was asked last year to give the FBI access to the encryption keys used by BitLocker to protect data on three laptops. The company complied and warned that it receives around 20 similar ...
Dark Reading

Vibe-Coded 'Sicarii' Ransomware Can't Be Decrypted

Victims hit with the emerging Sicarii ransomware should never opt to pay up: the decryption process doesn't work, likely a result of an unskilled cybercriminal using vibe-coding to create it.
HotHardware

Microsoft Gave BitLocker Encryption Keys To The FBI, Report Claims

Microsoft has confirmed that it provided BitLocker recovery keys to the FBI in response to a valid legal order, giving investigators the ability to decrypt hard drives that would otherwise have been ...
Inc

Microsoft Handed Encryption Keys to the FBI—Here’s Why It Could Matter to You

Earlier this year, the FBI served Microsoft with a search warrant requesting recovery keys for encrypted data stored on three laptops. Microsoft complied. Marking the first known instance in which the ...